Homer Posted April 28, 2011 Share Posted April 28, 2011 Bit of a stange one... When using google I can be randomonly redirected to other sales/search sites. None of these site appear to be "dodgy" ones, it tends to redirect to other mainstream search engines or price comparison sites such as kelkoo. It can be quite intermittant, e.g. after searching for "shopping", I click on the first link (Next.co.uk), it will redirect to another site, but try it again a few seconds later and it goes to the correct (Next.co.uk) site. One thing I do see is that when clicking the link, it's being redirected to another site, quite often "googleanalytics" pops up as a rediect, however that appears to be a legitimate site. I am using avast and ad-aware and no issues are detected. Another person also experienced the same problem using my internet connection, but was using a different set of antivirus and malware protection. Also, when he changed the DNS from my ISP to OpenDNS the issue went away. The same problem does not occur when using VPN and foreign proxy/DNS. I get the same issue on 2 personal laptops and my desktop, but not my work laptop (which is connected to a company VPN) I'm really not sure what is causing this, it is not coming up in any virus or malware apps (I've tried dozens) and my ISP (Virgin media) says it has no DNS problem. Any ideas what could be causing this? Quote Link to comment Share on other sites More sharing options...
JustGav Posted April 29, 2011 Share Posted April 29, 2011 This still occurring? It is something very weird on your connection, my laptop hasn't displayed the same issue since moving back to the 3 Mifi unit. I would hazard a guess at DNS poisoning. Have you tried opting out of the Virgin DNS hijacking thing they have? Quote Link to comment Share on other sites More sharing options...
robin Posted April 29, 2011 Share Posted April 29, 2011 Sounds like a problem with your router/isp if it is occurring on other computers too. Maybe use the open DNS for now and have a chat with your ISP? Quote Link to comment Share on other sites More sharing options...
Biguns Posted April 29, 2011 Share Posted April 29, 2011 Run combofix first then superantispyware, we do this on about 40 pc's a week mate works every time. Quote Link to comment Share on other sites More sharing options...
Snooze Posted April 30, 2011 Share Posted April 30, 2011 TDSSKiller is what you're after, I think. Quote Link to comment Share on other sites More sharing options...
Wez Posted April 30, 2011 Share Posted April 30, 2011 Your ISP dns is the issue, if by using another DNS server the problem goes away you have answered the question, I never use ISP dns servers as they tend to be slow and 90% of the cause for slow internet response Quote Link to comment Share on other sites More sharing options...
Homer Posted April 30, 2011 Author Share Posted April 30, 2011 Run combofix first then superantispyware, we do this on about 40 pc's a week mate works every time. Tried it, didn't find anything (and you could have warned me what combofix was going to do!!) TDSSKiller is what you're after, I think. Didn't find anything Your ISP dns is the issue, if by using another DNS server the problem goes away you have answered the question, I never use ISP dns servers as they tend to be slow and 90% of the cause for slow internet response It's crazy that Virgin media could be responsible for this, at least 50% of the links I hit get redirected to random sites. I'm going to give them a call Quote Link to comment Share on other sites More sharing options...
hemmjonny Posted April 30, 2011 Share Posted April 30, 2011 Had a similar prob with the bt home hub true a factory reset but still did the same so changed it and all was good. If you know anyone with a spare router give it a go. Quote Link to comment Share on other sites More sharing options...
JustGav Posted April 30, 2011 Share Posted April 30, 2011 Homer, I'll buzz you over my OpenDNS details as I'm not using the account at the mo, 3Mifi is sufficient for my current needs Quote Link to comment Share on other sites More sharing options...
JustGav Posted April 30, 2011 Share Posted April 30, 2011 Had a similar prob with the bt home hub true a factory reset but still did the same so changed it and all was good. If you know anyone with a spare router give it a go. Can't do that with Virgin Media, as the router's MAC is tied to the user's account. Unless it is the WiFi AP that has been poisoned, which is possible to sooooome degree, but not likely I wouldn't have thought. Quote Link to comment Share on other sites More sharing options...
hemmjonny Posted April 30, 2011 Share Posted April 30, 2011 Can't do that with Virgin Media, as the router's MAC is tied to the user's account. Unless it is the WiFi AP that has been poisoned, which is possible to sooooome degree, but not likely I wouldn't have thought. Ah shame, don't have virgin here :-(. See how he gets on calling them. Quote Link to comment Share on other sites More sharing options...
hemmjonny Posted April 30, 2011 Share Posted April 30, 2011 If you did swap could you not call in the new MAC address to virgin? Quote Link to comment Share on other sites More sharing options...
JustGav Posted April 30, 2011 Share Posted April 30, 2011 If you did swap could you not call in the new MAC address to virgin? Nah, virgin are ultra funny with that sort of thing, only their techs can change the modems, they are the property of VM. They can get a little funny if try put a different unit (MAC cloning and cable hacking etc) Quote Link to comment Share on other sites More sharing options...
Homer Posted May 9, 2011 Author Share Posted May 9, 2011 Found the issue - the DNS settings on my router had been hyjacked. No idea how they were changed as the password was changed as soon as I installed it... Changed them to OpenDNS and no more problems now Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.